Senior Security Engineer – GRC Controls, Audit

This is a fully remote position, open to applicants in United States.

📋 Description

• Oversee our commercial audit initiatives

• Collaborate directly with the Senior Manager of Governance, Risk, and Compliance (GRC)

• Determine the criteria for what constitutes "good evidence" across SOC 2 Type II, ISO 27001/27017/27018, and ISO 27701

• Assist in developing AI-driven workflows and automation for our audit processes

• Work collaboratively with Engineering, IT, Security, and People teams

⛳️ Requirements

• A minimum of 5 years of experience in Governance, Risk, and Compliance (GRC), compliance, or auditing

• Extensive hands-on experience with SOC 2 Type II

• Strong familiarity with ISO 27001 and its related standards (27017, 27018, 27701)

• Proven experience in leading technical audit walkthroughs with external auditors

• Capability to define what constitutes "good evidence" for each control domain

• Demonstrated ability to design and implement control testing

• Experience working cross-functionally with Engineering, IT, Security, and People teams

• Excellent written and verbal communication skills

• Familiarity with compliance automation tools (Drata, Vanta, Secureframe, or similar)

🏝️ Benefits

• Comprehensive health, dental, 401k, and various other benefits

• Generous paid time off policy

• Equity grant opportunities

• Involvement in our incentive programs